The New Old Enemy: Defending Against the Resurgence of Classic Cyber Threats

Сybercrime has become one of the most lucrative illicit industries in the world, with the potential to earn hackers billions of dollars every year. The constantly evolving tactics and techniques of cybercriminals make it difficult for even the most experienced cybersecurity experts to keep up. One of the most alarming trends in recent years has been the resurgence of old and forgotten malware, such as Emotet, which continues to wreak havoc throughout the cybersecurity world.

Evolving Tactics of Cybercriminals

Cybercriminals are continually honing their skills and evolving their tactics to stay ahead of the latest security measures. They are becoming more meticulous and inventive in their ploys, even reviving outdated and long-forgotten techniques. Many of these methods may seem outdated or irrelevant, but they can still be surprisingly effective, especially when used in conjunction with other more modern tactics.

One example of this is the resurgence of Distributed Denial of Service (DDoS) attacks. DDoS attacks involve flooding a target server with traffic from multiple sources, causing it to become overwhelmed and inaccessible. While more sophisticated attacks like ransomware or APTs may steal the headlines, DDoS attacks remain one of the most effective methods of taking down a website or system. Cybercriminals use advanced botnets to carry out these attacks, which are often made up of compromised IoT devices, home routers, and other connected devices.

The Shrewdness of Cybercriminals

Many of the most successful cybercriminals are shrewd; they want a good return on investment but don’t want to have to reinvent the wheel to get it. This means that, instead of creating new malware from scratch, they are increasingly opting to reuse old code or bring back previously successful methods that have fallen out of favor. This practice is known as code reuse and is becoming more prevalent in the cybersecurity world.

Code reuse can be tough for cybersecurity experts to defend against, as old code is often already known and may have been used for years without generating any issues. This makes it less likely to be detected by standard signature matching or other detection methods. It also means that it can take a long time to discover that a breach has occurred and track down the source of the issue.

Re-emergence of known malware and threats

Code reuse is not the only trend that has led to the resurgence of old malware and threats. The re-emergence of well-known names in the botnet, malware, and wiper space, such as Emotet and GandCrab among others, has served as a reminder that threats and malware never truly go away. Instead, they evolve and adapt, becoming more dangerous and harder to detect.

According to a recent report by cybersecurity firm Check Point Research, the majority of the top malware observed was more than a year old. This highlights the fact that cybercriminals are no longer relying solely on the latest and greatest techniques but are instead using a combination of new and old methods to achieve their goals.

Persistence of Emotet

“Emotet” is a particularly noteworthy example of this trend. First discovered as a banking trojan in 2014, Emotet has been causing havoc ever since. It is a polymorphic malware that can change its code to avoid detection, making it a particularly tricky adversary to defend against. It has been used to deliver other malware such as Trickbot and Ryuk ransomware and has become a favorite tool of many cybercriminals.

In January 2021, Emotet suddenly disappeared from the scene, with no new activity observed for almost a year. Many experts believed that this was the end of the threat or that law enforcement agencies had finally managed to take it down. However, Emotet is a particularly resilient piece of malware and it came back in November of that year with a vengeance. The newly revived version of Emotet was even more dangerous than its predecessor, and its operators had taken the time to update its code and infect a new set of targets.

The Importance of Effective Defense Strategies

So, how can organizations defend against these constantly evolving cyber threats? The key is to develop effective defense strategies that can adapt to changing circumstances. Your ability to defend against, identify, and neutralize such risks quickly determines the success of your security stance and your ability to keep your enemies out.

Using strategies like segmentation throughout the distributed network makes it simpler to detect and stop lateral movement across your infrastructure, even when architectural designs change. This approach divides networks into smaller, more manageable sections, reducing the potential impact of a breach spreading throughout the entire network.

Defeating Dangerous Trends

The resurgence of old malware and threats like Emotet is a worrying trend that shows no signs of slowing down. To stay ahead of these threats, organizations must be proactive in their defenses and focus on updating their cybersecurity policies and procedures regularly. This includes leveraging defense-in-depth strategies to mitigate the risks associated with code reuse and the use of old malware.

Organizations must continually update their defense strategies to ensure they can keep up with the evolving tactics of cybercriminals. By understanding how hackers are evolving their tactics and techniques, organizations can more effectively defend against them and prevent costly data breaches that could ultimately damage their reputation and bottom line.

Emotet and other old malware threats serve as critical reminders that the cybersecurity landscape is ever-evolving and that organizations must stay vigilant to avoid being vulnerable to attacks. Cybercriminals are constantly adapting their tactics and techniques to remain one step ahead, and it is up to organizations to invest in effective cybersecurity defenses to defend against these threats. By staying ahead of the curve and proactively updating their defenses, organizations can better prevent data breaches and theft of confidential information, thereby protecting both themselves and their customers.

Explore more

Employee Engagement Crisis: How to Restore Workplace Happiness

We’re thrilled to sit down with Ling-Yi Tsai, a renowned HRTech expert with decades of experience helping organizations navigate change through innovative technology. With a deep focus on HR analytics and the seamless integration of tech in recruitment, onboarding, and talent management, Ling-Yi offers invaluable insights into the pressing challenges of employee engagement and workplace well-being. In this conversation, we

How Is AI Transforming Digital Marketing Strategies?

Artificial Intelligence (AI) is rapidly becoming a cornerstone of digital marketing, fundamentally altering how brands connect with audiences in an increasingly crowded online space. As businesses grapple with the challenge of capturing consumer attention amidst endless streams of content, AI offers a lifeline by providing tools that personalize experiences, streamline operations, and deliver data-driven insights. This technological shift is not

Business Central Mobile Apps Transform Operations On-the-Go

In an era where business agility defines success, the ability to manage operations from any location has become a critical advantage for companies striving to stay ahead of the curve, and Microsoft Dynamics 365 Business Central mobile apps are at the forefront of this shift. These apps redefine how organizations handle essential tasks like finance, sales, and inventory management by

Transparency Key to Solving D365 Pricing Challenges

Understanding the Dynamics 365 Landscape Imagine a business world where operational efficiency hinges on a single, powerful tool, yet many enterprises struggle to harness its full potential due to unforeseen hurdles. Microsoft Dynamics 365 (D365), a leading enterprise resource planning (ERP) and customer relationship management (CRM) solution, stands as a cornerstone for medium to large organizations aiming to integrate and

Generative AI Transforms Finance with Automation and Strategy

This how-to guide aims to equip finance professionals, particularly chief financial officers (CFOs) and their teams, with actionable insights on leveraging generative AI to revolutionize their operations. By following the steps outlined, readers will learn how to automate routine tasks, enhance strategic decision-making, and position their organizations for competitive advantage in a rapidly evolving industry. The purpose of this guide